mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-12-28 14:19:24 -05:00
remove modifying to /etc/pam.d directly (unrelased)
config-package-dev displace /etc/securetty remove trailing spaces https://forums.whonix.org/t/restrict-root-access/7658/31
This commit is contained in:
parent
cdb7c6f7eb
commit
4079632d1a
3
debian/security-misc.displace
vendored
3
debian/security-misc.displace
vendored
@ -2,5 +2,4 @@
|
||||
## See the file COPYING for copying conditions.
|
||||
|
||||
/etc/login.defs.security-misc
|
||||
/etc/pam.d/common-session-noninteractive.security-misc
|
||||
/etc/pam.d/common-session.security-misc
|
||||
/etc/securetty.security-misc
|
||||
|
11
debian/security-misc.postinst
vendored
11
debian/security-misc.postinst
vendored
@ -29,16 +29,7 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
[ -n "$DEBIAN_FRONTEND" ] || DEBIAN_FRONTEND="noninteractive"
|
||||
[ -n "$DEBIAN_PRIORITY" ] || DEBIAN_PRIORITY="critical"
|
||||
[ -n "$DEBCONF_NOWARNINGS" ] || DEBCONF_NOWARNINGS="yes"
|
||||
[ -n "$APT_LISTCHANGES_FRONTEND" ] || APT_LISTCHANGES_FRONTEND="text"
|
||||
export POLICYRCD DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_NOWARNINGS APT_LISTCHANGES_FRONTEND
|
||||
|
||||
## Jul 07 20:35:39 host sudo[16090]: PAM unable to dlopen(pam_cgfs.so): /lib/security/pam_cgfs.so: cannot open shared object file: No such file or directory
|
||||
## Jul 07 20:35:39 host sudo[16090]: PAM adding faulty module: pam_cgfs.so
|
||||
## --package hangs in Qubes updater since it starts whiptail for interactive dpkg configuration dialog.
|
||||
pam-auth-update --force
|
||||
pam-auth-update --package
|
||||
|
||||
true "INFO: debhelper beginning here."
|
||||
|
||||
|
27
debian/security-misc.prerm
vendored
27
debian/security-misc.prerm
vendored
@ -15,30 +15,9 @@ true "
|
||||
#####################################################################
|
||||
"
|
||||
|
||||
[ -n "$DEBIAN_FRONTEND" ] || DEBIAN_FRONTEND="noninteractive"
|
||||
[ -n "$DEBIAN_PRIORITY" ] || DEBIAN_PRIORITY="critical"
|
||||
[ -n "$DEBCONF_NOWARNINGS" ] || DEBCONF_NOWARNINGS="yes"
|
||||
[ -n "$APT_LISTCHANGES_FRONTEND" ] || APT_LISTCHANGES_FRONTEND="text"
|
||||
export POLICYRCD DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_NOWARNINGS APT_LISTCHANGES_FRONTEND
|
||||
|
||||
## pam-auth-update is usually used in postinst and prerm.
|
||||
## Added extra space after /var to avoid lintian false positive warning.
|
||||
#grep -r -l pam-auth-update /var /lib/dpkg/info
|
||||
# /var /lib/dpkg/info/libpam-runtime.postinst
|
||||
# /var /lib/dpkg/info/libpam-runtime.prerm
|
||||
# /var /lib/dpkg/info/libpam-cap:amd64.postinst
|
||||
# /var /lib/dpkg/info/libpam-cap:amd64.prerm
|
||||
# /var /lib/dpkg/info/libpam-systemd:amd64.postinst
|
||||
# /var /lib/dpkg/info/libpam-systemd:amd64.prerm
|
||||
# /var /lib/dpkg/info/libpam-cgfs.postinst
|
||||
# /var /lib/dpkg/info/libpam-cgfs.prerm
|
||||
# /var /lib/dpkg/info/libpam-gnome-keyring:amd64.postinst
|
||||
# /var /lib/dpkg/info/libpam-gnome-keyring:amd64.prerm
|
||||
|
||||
## Jul 07 20:35:39 host sudo[16090]: PAM unable to dlopen(pam_cgfs.so): /lib/security/pam_cgfs.so: cannot open shared object file: No such file or directory
|
||||
## Jul 07 20:35:39 host sudo[16090]: PAM adding faulty module: pam_cgfs.so
|
||||
## --package hangs in Qubes updater since it starts whiptail for interactive dpkg configuration dialog.
|
||||
pam-auth-update --force
|
||||
if [ "$1" = remove ]; then
|
||||
pam-auth-update --package --remove "$DPKG_MAINTSCRIPT_PACKAGE"
|
||||
fi
|
||||
|
||||
true "INFO: debhelper beginning here."
|
||||
|
||||
|
5
debian/security-misc.undisplace
vendored
Normal file
5
debian/security-misc.undisplace
vendored
Normal file
@ -0,0 +1,5 @@
|
||||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
|
||||
## See the file COPYING for copying conditions.
|
||||
|
||||
/etc/pam.d/common-session-noninteractive.security-misc
|
||||
/etc/pam.d/common-session.security-misc
|
@ -31,7 +31,7 @@ auth required pam_wheel.so
|
||||
# This module parses environment configuration file(s)
|
||||
# and also allows you to use an extended config
|
||||
# file /etc/security/pam_env.conf.
|
||||
#
|
||||
#
|
||||
# parsing /etc/environment needs "readenv=1"
|
||||
session required pam_env.so readenv=1
|
||||
# locale variables are also kept into /etc/default/locale in etch
|
||||
@ -40,7 +40,7 @@ session required pam_env.so readenv=1 envfile=/etc/default/locale
|
||||
|
||||
# Defines the MAIL environment variable
|
||||
# However, userdel also needs MAIL_DIR and MAIL_FILE variables
|
||||
# in /etc/login.defs to make sure that removing a user
|
||||
# in /etc/login.defs to make sure that removing a user
|
||||
# also removes the user's mail spool file.
|
||||
# See comments in /etc/login.defs
|
||||
#
|
||||
|
Loading…
Reference in New Issue
Block a user